diff options
| author |  Johannes Christ <[email protected]> | 2024-07-30 19:16:53 +0200 |
|---|---|---|
| committer |  Joe Banks <[email protected]> | 2024-08-06 20:53:34 +0100 |
| commit | 55df090d03a0b412a16139197673bb0fbd1bf139 (patch) | |
| tree | f0daa6781e1cb22e693a005768a5915486a36143 | |
| parent | Update OpenDMARC to ensure that mail is quarantined or rejected (diff) | |
Enable fail2ban jails for postfix
Closes #433.
| -rw-r--r-- | ansible/roles/fail2ban/templates/jail.local.j2 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ansible/roles/fail2ban/templates/jail.local.j2 b/ansible/roles/fail2ban/templates/jail.local.j2 index ba1b50d..35589ee 100644 --- a/ansible/roles/fail2ban/templates/jail.local.j2 +++ b/ansible/roles/fail2ban/templates/jail.local.j2 @@ -14,3 +14,21 @@ banaction_allports = nftables[type=allports] [sshd] mode = aggressive backend=systemd + +{% if "mail" in group_names %} +[postfix] +enabled = true +bantime = 1d + +[postfix-submission] +filter = postfix +port = submission +enabled = true +bantime = 1d + +[postfix-errors] +filter = postfix[mode=errors] +enabled = true +maxretry = 3 +bantime = 7d +{% endif %} |